InterContinental Hotels Group announced Wednesday that the payment software at more than 1,000 of its hotels were infiltrated by malware from September to December 2016. The incident is part of the same campaign that affected at least 12 hotel restaurants and bars during the same time period.

The bad news continues - the malware wasn't "eradicated until the properties were investigated in February and March 2017." However, the company claimed there's no evidence of "unauthorized access to payment card data after December 29, 2016."

IHG hasn't released a full list of the hotels, but you can look up locations by state here.

"It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for any unauthorized activity," the company advised. "You should immediately report any unauthorized charges to your card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner."